CVE-2013-0270

OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:keystone:2013.1:milestone1:*:*:*:*:*:*
cpe:2.3:a:openstack:keystone:2013.1:milestone2:*:*:*:*:*:*
cpe:2.3:a:openstack:keystone:2013.1:milestone3:*:*:*:*:*:*

History

No history.

Information

Published : 2013-04-12 22:55

Updated : 2024-02-04 18:16


NVD link : CVE-2013-0270

Mitre link : CVE-2013-0270

CVE.ORG link : CVE-2013-0270


JSON object : View

Products Affected

openstack

  • keystone
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer